• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

openVPN on Azure

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    openVPN on Azure

    I'm looking to get some kind of VPN going to link up a router at a site, a few PCs and my ubuntu VMs on azure. The azure gateway is a bit pricey and I've built an openVPN server before so it's in my capability.

    My main concern is is really if I set one up, openVPN clients on VMs, leave the openVPN server ports open to the world, is that security madness? Should I be restricting the IPs to my locations?

    Is an openVPN server something that gets attacked? Are they known to get compromised? Am I going to go into my VMs and find 10 Chinese in there?

    #2
    Originally posted by minestrone View Post
    I'm looking to get some kind of VPN going to link up a router at a site, a few PCs and my ubuntu VMs on azure. The azure gateway is a bit pricey and I've built an openVPN server before so it's in my capability.

    My main concern is is really if I set one up, openVPN clients on VMs, leave the openVPN server ports open to the world, is that security madness? Should I be restricting the IPs to my locations?

    Is an openVPN server something that gets attacked? Are they known to get compromised? Am I going to go into my VMs and find 10 Chinese in there?
    It will be fine providing you lock it down good at the OS level and NSG it.
    You still have data egress costs.

    How are you getting on the Ubuntu VMs right now?!
    Don't believe it, until you see it!

    Comment


      #3
      i've got my own IPs on the VM NSGs for SSH but they change frequently so see the VPN as fixing that.

      The other public ports come through cloudflare with china and the rest of the hacking nations black listed. So moderately concerned about just opening up a port to the world.

      Comment


        #4
        Have a look at GitHub - trailofbits/algo: Set up a personal VPN in the cloud - I've used it to set up a VPN before. Although it handles the various cloud providers, you can also use it on your own Ubuntu server if you prefer.

        All clients specified at setup get their own newly-generated keypair to connect with, and you can optionally configure it to allow you to generate keypairs for new clients later (default is to not allow any new clients after initial setup). Should keep (most of) the Chinese out.

        Comment


          #5
          I'm running an OpenVPN server in Azure - having previously tried out the VPN Gateway option (too expensive!).

          It running fine on Ubuntu 18.04, I used the Digital Ocean setup guide.

          I do restrict access to the VPN port 1194 using a Network security group inbound rule as I've got a static IP.

          Comment

          Working...
          X